Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

DMVPN - remote site can access corporate LAN's but not internet

Have an interesting one I may need some assistance on.

Have a remote branch site setup on VPN (using DMVPN configuration). The site can access the main headquarters networks just fine, but can't get internet access. I think it's because the VPN router (VPN hub) located at the headquarters has a default route to it's internet routers so it can get access to the internet. We are running EIGRP internally. When I trace from the branch router to say (common public DNS server) the trace dies at the headquarters VPN hub router. When I trace to from the VPN hub router at the headquarters it goes straight out hits the internet routers and is fine.

Thanks in advance for suggestions.


Re: DMVPN - remote site can access corporate LAN's but not inter

Check your routing, are your redistributing a default route in EIGRP?

Does the branch site have a default route?

New Member

Re: DMVPN - remote site can access corporate LAN's but not inter

Hi Laurent,

The setup is link this.

The branch had a fiber connection, but has a backup DSL where we are running DMVPN over as a backup link. Traffic favors of course the fiber, but if there's a cut traffic will go over the backup DSL VPN link.

The branch has a default-route over the fiber to in internal router ad headquarters. The headquarters internal router has a default-route to the internet routers. Internet works fine when your traffic goes over the fiber, but when you test and take the fiber down traffic goes over the backup DSL VPN link to a router that is directly connected to the internet (our VPN hub router). This VPN hub router has a default-route pointing to the internet and a routting table of all our internal sites. This VPN hub router is not our true internet router, it's just a router with a public ip for the sites with DMVPN as a backup.

Hope this helps,


Re: DMVPN - remote site can access corporate LAN's but not inter


I suggest you look deeper into your routing.